Latest Cybersecurity News and Articles
26 June 2025
Bonfy.AI has emerged from stealth mode to help organizations prevent cybersecurity, privacy and compliance risks.
The post Bonfy.AI Raises $9.5 Million for Adaptive Content Security Platform appeared first on SecurityWeek.
26 June 2025
The FDA highlights the importance of embedding cybersecurity into medical product manufacturing.
26 June 2025
SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace
SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience.
It doesn’t.
These platforms weren’t built with full-scale data
26 June 2025
CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17.
The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek.
26 June 2025
The personal information of 167,000 individuals was compromised in an October 2024 data breach at Central Kentucky Radiology.
The post Central Kentucky Radiology Data Breach Impacts 167,000 appeared first on SecurityWeek.
26 June 2025
Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges.
The post Critical Cisco ISE Vulnerabilities Allow Remote Code Execution appeared first on SecurityWeek.
26 June 2025
An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel.
"In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed as fictitious assistants to
26 June 2025
25-year-old Kai West, believed to be the hacker IntelBroker, was arrested in France and charged by the United States.
The post British Man Suspected of Being the Hacker IntelBroker Arrested, Charged appeared first on SecurityWeek.
26 June 2025
Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access.
Palo Alto Networks Unit 42 is tracking the activity under the moniker CL-CRI-1014, where "CL" refers to "cluster" and "CRI" stands for "criminal motivation."
It's suspected
26 June 2025
Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day.
The post Critical Citrix NetScaler Flaw Exploited as Zero-Day appeared first on SecurityWeek.
26 June 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows -
CVE-2024-54085 (CVSS score: 10.0) - An authentication bypass by spoofing
26 June 2025
Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats.
The feature, called Message Summaries, is currently rolling out in the English language to users in the United States, with plans to bring it to other regions and languages later this year.
It "uses Meta AI to
25 June 2025
New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications.
Identity security company Semperis, in an analysis of 104 SaaS applications, found nine of them to be vulnerable to Entra ID cross-tenant nOAuth abuse.
First disclosed by
25 June 2025
Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild.
The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0.
It has been described as a case of memory overflow that could result in unintended control flow and denial-of-service. However, successful exploitation requires the
25 June 2025
New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023.
The post Thousands of SaaS Apps Could Still Be Susceptible to nOAuth appeared first on SecurityWeek.
25 June 2025
Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions.
The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January
25 June 2025
With end of support scheduled for October 2025, Windows 10 users will be able to continue receiving important security updates.
The post Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears appeared first on SecurityWeek.
25 June 2025
Hackers have reportedly stolen funds from Nobitex, Iran’s largest cryptocurrency exchange.
25 June 2025
G Data has observed a surge in malware infections originating from ConnectWise applications with modified certificate tables.
The post Hackers Abuse ConnectWise to Hide Malware appeared first on SecurityWeek.
25 June 2025
SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code.
The post SonicWall Warns of Trojanized NetExtender Stealing User Information appeared first on SecurityWeek.